
A Cryptography Tutorial

Jim Xu, College of Computing, Georgia Tech, http://www.cc.gatech.edu/~jx. Why cryptography? Network information needs to be communicated through an insecure channel. Stored information may be accessed without proper authorization.


Presentation Transcript


  1. A Cryptography Tutorial • Jim Xu • College of Computing • Georgia Tech • http://www.cc.gatech.edu/~jx

  2. Why Cryptography? • Network information needs to be communicated through an insecure channel. • Stored information may be accessed without proper authorization. • Cryptography is a systematic way to make that harder.

  3. Common Security Requirements • Secrecy (encryption) • Authenticity (signature/encryption) • Integrity (signature/encryption) • Non-repudiation (signature)

  4. What can cryptography do? • Encryption: only the authorized party can understand the encrypted message. • Signature: allows people to verify the authenticity of the message.

  5. Classical Cryptography • Shift Cipher (a special case used by Caesar) • Substitution Cipher • Affine Cipher • Vigenere Cipher • Hill Cipher • Permutation Cipher

  6. Cryptanalysis • Ciphertext-only attack • Known-plaintext attack • Chosen-plaintext attack • Adaptive chosen-plaintext attack

  7. Cryptanalysis • Shift Cipher: English histogram • Substitution Cipher: histogram again • Affine Cipher: histogram • Vigenere Cipher: more complicated statistics • Hill Cipher: known-plaintext attack • Permutation Cipher: histogram + semantics

  8. Frequency of Letter Occurrence

  9. How to achieve perfect secrecy? • One-time pad: have a key as long as the plaintext • For example, shift cipher is perfectly secure if the key is random and it is only used to encrypt one character! • Spurious keys: S(n) >= |K|/(|P|^(n*R))-1 • Unicity distance: the n at which S(n) becomes zero

  10. Modern Cryptography • Two broad classes • 1. Shared-key cryptography • 2. Public-key cryptography

  11. Shared-key cryptography • Rooted in computational complexity • Sender has M • Sender sends (M XOR f(x, k), x) • f is a random function • Algorithms: • DES, various fishes, Lucifer, Feistel, AES standards (Rijndael), ...

  12. DES • A round can be described as: • Li = Ri-1 • The key generation is performed • An initial permutation PC1 which selects 56 bits and divides them into two halves • In each round • Select 24 bits from each half using a permutation function PC2 • Rotate each half left by one or two positions

  13. Rich theory on pseudorandomness • Pseudorandom number/bit generator • Pseudorandom functions (ideal cryptographic hash functions) • Stretch a small completely random string into a longer but less random string • Though less random, indistinguishable to “naked eyes”

  14. Public Key Cryptography • Public/private key pair • Only the owner knows the private key, but everyone knows the public key • If the message is encrypted with the private key, then everyone with the public key can recover the message, but only the owner can generate the encrypted message

  15. Continued • If the message is encrypted with the public key, only the owner can decrypt it using the private key • The first property can be used for signature and the second property can be used for encryption.

  16. Digital signature • Sender sends M, T=E(hash(M), private) • The receiver computes E(T, public) and compares it with hash(M) • M is considered genuine if they match

  17. RSA • Find two big prime numbers p and q • Let B = p*q • Choose private key C to be a number that is coprime with (p-1)*(q-1) • Choose public key D such that C*D=1 mod (p-1)*(q-1)

  18. Continued • Encrypt M: T=M^C (or M^D) • Decrypt M: M = T^D (or T^C) • Theorem: (M^C)^D = M mod B • Why: all the numbers that are coprime with B form a group, and the size of that group is (p-1)(q-1)

  19. Security of RSA • Hinges on how hard factorization is • If one can break down B into p and q • then finding C: C*D = 1 mod (p-1)(q-1) is easy • Factorization is found to be quite hard, at least for now.
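Slides 16 to 19 carried through in code, as an added example that is not part of the original slides and uses the slides' symbols (B modulus, C private key, D public key). It is textbook RSA without padding on a constructed toy key; the function names, the SHA-256 digest and the two Mersenne primes are assumptions of the example.

```python
import hashlib
from math import gcd, isqrt

def keygen(p, q, start=2**40 + 1):
    """Slide 17: B = p*q; private C coprime with (p-1)(q-1); public D = C^-1."""
    phi = (p - 1) * (q - 1)
    C = start
    while gcd(C, phi) != 1:          # "choose C coprime with (p-1)*(q-1)"
        C += 2
    D = pow(C, -1, phi)              # C*D = 1 mod (p-1)*(q-1); Python 3.8+
    return p * q, C, D

def encrypt(M, D, B):                # anyone can do this with the public key
    return pow(M, D, B)

def decrypt(T, C, B):                # only the holder of C can undo it
    return pow(T, C, B)

def digest(message, B):
    """hash(M) reduced into the range of the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % B

def sign(message, C, B):             # slide 16: T = E(hash(M), private)
    return pow(digest(message, B), C, B)

def verify(message, T, D, B):        # slide 16: E(T, public) == hash(M)
    return pow(T, D, B) == digest(message, B)

def private_from_factoring(B, D):
    """Slide 19: once B is factored, C follows from D. Trial division only
    works because this B is tiny; real moduli are 2048 bits or more."""
    p = next(f for f in range(3, isqrt(B) + 1, 2) if B % f == 0)
    q = B // p
    return pow(D, -1, (p - 1) * (q - 1))

# Constructed toy key from two Mersenne primes, far too small for real use.
B, C, D = keygen(2**31 - 1, 2**19 - 1)

if __name__ == "__main__":
    T = sign(b"pay 100", C, B)
    print(verify(b"pay 100", T, D, B), verify(b"pay 900", T, D, B))
    print(private_from_factoring(B, D) == C)
```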

  20. Cryptographic Protocols • System needs are more complicated than what the primitives can provide • An improperly designed protocol can be broken even if none of the underlying primitives are broken • Hard to check whether it is properly designed (proof logic/model checking/theorem proving methods are involved)

  21. Key exchange • Diffie-Hellman • Based on the assumption that knowing prime p and p^n, finding n will be hard • Allows two parties to share a key • A sends B p^a and remembers a • B sends A p^b and remembers b • Both sides can generate p^(ab) • A third party cannot do that!

  22. Man in the middle • C can establish a key with both A and B, by posing as B and A respectively • Solution: introduce public keys or use the return address as an authentication method
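The exchange from slide 21 and the failure and fix from slide 22, as an added example that is not part of the original slides: without authentication A and B end up with different keys that C shares, and once A signs its public value B rejects the substituted one. The toy group (base 5, modulus 23; the slide writes the base as p and leaves the modulus implicit), the toy RSA key and all function names are assumptions of the example.

```python
# Constructed toy parameters, for illustration only.
MODULUS, BASE = 23, 5                  # assumed toy group for the exchange
RSA_B, RSA_C, RSA_D = 3233, 2753, 17   # A's long-term toy RSA key (B = 61*53)

def dh_public(secret):
    """What a party sends: BASE^secret."""
    return pow(BASE, secret, MODULUS)

def dh_shared(peer_public, secret):
    """What a party derives from the value it received."""
    return pow(peer_public, secret, MODULUS)

def sign(value):
    # Signature with A's private key C (no hashing needed here: value < RSA_B).
    return pow(value, RSA_C, RSA_B)

def verify(value, signature):
    return pow(signature, RSA_D, RSA_B) == value

def unauthenticated(a, b, c=None):
    """Keys derived by A and by B; if c is given, C swaps both public values."""
    to_b = dh_public(a) if c is None else dh_public(c)
    to_a = dh_public(b) if c is None else dh_public(c)
    return dh_shared(to_a, a), dh_shared(to_b, b)

def authenticated(a, b, c=None):
    """A signs its public value; B accepts it only if the signature verifies.
    Only the A-to-B direction is authenticated in this sketch."""
    value, sig = dh_public(a), sign(dh_public(a))
    if c is not None:
        value = dh_public(c)           # C substitutes the value but cannot re-sign it
    if not verify(value, sig):
        return None                    # B aborts: the value was not signed by A
    return dh_shared(value, b)

if __name__ == "__main__":
    print(unauthenticated(6, 15))        # both sides agree
    print(unauthenticated(6, 15, c=13))  # keys differ; C shares one with each side
    print(authenticated(6, 15), authenticated(6, 15, c=13))
```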

  23. Public Key Infrastructure • Need this infrastructure to prevent A from claiming that B uses the public key that A generates • Both hierarchical and flat infrastructures are proposed • Revocation lists are a major headache

  24. Advanced Issues • Group encryption/signature • Forward security • Everlasting security
